Tags » XSS

Moodle 2.7 Persistent XSS

Overview

I hope you all have heard about the Moodle project. The full form is Moodle Modular Object-Oriented Dynamic Learning Environment. This project is a free open-source project which focuses in teaching and learning online courses effectively. 1,080 more words

Something for the weekend, sir?

In what seems to now have been a storming comeback, the European chapter of Weekend Testing was a breath of fresh air in the learning opportunities for testers. 793 more words

Testing

Stored Cross Site Scripting

Stored Cross Site Scripting

Content will be added soon

XSS

Concrete 5.6.2.1 Multiple XSS

While I was playing around with Concrete 5.6.2.1 CMS, I wanted to know how this application shows us a hyperlink to the “Back” button. I found something interesting in the “download_file.php” file. 903 more words

Security threat - Broken authentication & session management

Application functions related to authentication and session management are often not implemented correctly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities. 420 more words

Security

Security Threat - Cross-site scripting (XSS)

Cross-site scripting (XSS) is when an application sends untrusted data to the web browser than can be interpreted as a piece of code. This way, attackers can execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. 425 more words

Security

Cross Site Scripting Attacks (XSS)

An XSS attack is one of the top most tried out attacks on a PHP enabled system and your PHP script may not be immune. 396 more words

PHP